User-ID Redistributed users not in the log file

Hi Guys,

For one of our customers we have two virtual clusters: frontend and backend firewalls. On the frontend firewall we have GlobalProtect enabled, with LDAP and User-Group Mapping, assigning different access to different user groups. Connected users should be able to reach some internal resources behind the backend firewall as well.

We have configured the frontend firewall to act as a User-ID agent and to redistribute the user-ip mapping learned from GlobalProtect to the backend firewall.

When a GP user is logged in, we can see the correct user-ip-mapping on both firewalls:

However, the backend firewall doesn't show the source username in the logs, and the ACC tab doesn't show the traffic for this user. Our main goal is to have User-ID information on the backend firewall as well, for reporting and audit purposes.

Re: User-ID Redistributed users not in the log file

Thank you for the detailed issue description! User-ID redistribution to the backend firewalls looks to be working from what you describe; have you checked that User Identification is enabled on the corresponding zone on the backend firewall? Does the interface on the backend firewall have an interface management profile attached with User-ID enabled?

Re: User-ID Redistributed users not in the log file

Thank you for your feedback! Indeed, enabling User Identification under the zone object did the trick. I was mainly focused on establishing the redistribution and completely forgot about the zone configuration.